Coming from more of a networking background than an AD background I
wouldn't have immediately thought of super-netting out right, myself. So
the point is well taken. If given this problem with no other background
I'd probably think more in terms of 'brouting' (bridged routing) or using
Server 2
Could you try again with the attachment or log snippet in text form if the
list server isn't accepting large attachments?
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain privileged and/or confidential information intended
fo
Almost sounds like a FTP phishing Trojan. Check the machine for virii with
a couple of up to date scanners as well. I have noticed a marked increase
in port 21 attack traffic as of late. There are any number of Trojans that
can accomplish this as well.
Likewise, do you allow any anonymous uplo
Steve;
You could setup a new account through AD or blow her existing account away
and see if that doesn't clear the stick from the mud. Just attacking this
as logically as I can, here. Since I do not know of a utility to check for
problems with Kerberos/AD... Though it seems like there should b
Steve;
Just for kicks. Could you create a local account for testing? This would
bypass any RADIUS/TAC+ problems and confirm the VPN client isn't at fault.
Also, Cisco released a new client about a week ago. Don't ask, my laptop
is stored for the weekend. Something like 4.881720344-1 or
Side note to VMing. I think your fine going through a static VPN (More V
acronyms!!) but be sure to close off ports: 5700, 5800 and 5900 on your
outside firewall interface as there are a number of different worms
looking for access to machines through those ports. Not nearly as bad as
say "Big
That definitely gives me something to zero in on. Now to find this caching
mechanism. At one time I thought (maybe Exchange 5.5) the magic number was
somewhere around 50ms.
Thanks!
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents co
Exchange 2003 using a soft client. Seems that the Web based Outlook works
fine. The client software is very slow when updating In/Outbox and
eventually looses connectivity. Not sure about the SSL side of things.
Will check.
Bear with me, here. So some of my terminology may be a bit off. I am a
All;
This may be slightly off topic.
Does anyone remember how fast Exchange needs the line speed to be for
remote access? I am working with a client that is having time out issues
with a 248ms (average) packet time. With some static routing I might be
able to get this number down to say 125ms
Its a software package that runs on, generally, its own server and
connects to a firewall to block access to sites considered nonbusiness
critical as in porn, phishing, hate, et. al. Administratively you could
block access to anything you wanted but generally to sites that either
pose some risk
Happens with my father and watches as well. The man cannot wear a watch
without it dying within weeks. But thats another story. If you can isolate
the symptoms to time of day or even the remote chance its a bad ballast
(flouresent lighting used to cause occasional problems with old CRTs),
etc.
No more dubious than the person who
asked how to get around his/her companies firewall proxy in the first place.
As admins we can only block what we first are told from management then
of course those areas that fall under our base of knowledge (security,
et. al.). Hopefully with some sort of
Its a firewall issue alright - lol -
theirs! They are using an appliance called IronPort and because you don't
have the required, in this case by the IronPort appliance, a PTR record
its not putting you into the allowed relay list. They may also require
ICMP (ping) to accept mail first. Some
Without an reverse PTR to your MX your
likely to have this problem with a number of folks. You can try sending
me a private message as well. My server will not except traffic without
a reverse record. Though it should be child's play for the ISP to configure
- usually just one entry, maybe tw
I have several DL 380s but only one
that is USB challenged. Or atleast it was till I applied the 7.40 or 7.60
Maint pack to it. Before that I did have problems with the USB to UPS.
It used to "fall off" and I would have to manually reconnect
occasionally. One of those maint packs solved the p
Ravi;
When you say your MX record looks "fine"
what and how are you specifically checking the MX record? Is this an established
MX record, any other history, might be helpfull as well. I have seen this
before but need more information before going forward.
Brent Eads
Employee Techno
Allan;
In addition to nslookup. You can also
use one of the web based sites if you need even more information though
set type MX, SOA, NS are also viable:
www.dnsstuff.com
- or -
http://whois.domaintools.com/
Either can give you more information
than you wanted such as abuse adm
Read the same story. Very clever of
Apple to say that and they were more upset with themselves for not catching
it.
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain privileged and/or confidential information int
Ethereal works very well: http://www.ethereal.com/
Brent Eads
Employee Technology Solutions, Inc.
The contents contain privileged and/or confidential information intended
for the named recipient of this email. ETSI (Employee Technology Solutions,
Inc.) does not warrant that t
Its very to extremely common to see
this traffic hitting a firewall. Its one of the first places nmap, nessus,
et. al. will look. Best practice would be to block this unnecessary traffic
from the internet segment both incomming and outgoing. Unless your connecting
directly through the Interne
Return Receipt
Your RE: [ActiveDir] OT: Protecting against Spyware/Adware
document:
We use TrendMicro as well. Probably
not quite as good as Webroot as Trend is a bit more conservative than is
Webroot. Then again, Webroot is very agressive as spyware is all they do.
Eventually, I think you'll see them acquired by one of the top three A/V
folks (Symantec, McAffee or TrendMicr
Return Receipt
Your RE: [ActiveDir] OT: Protecting against Spyware/Adware
document:
From what I have seen reported there
have been a few attempted attacks, all targeted. Did see one good probe
comming in from a firewall misconfiguration on my part that did try to
exploit it but didn't get far. Actually came in as a spoof through a developer's
machine via Poland via China if
Return Receipt
Your RE: [ActiveDir] AD Restore
document:
Return Receipt
Your [ActiveDir] AD Restore
document:
Robert;
One thing that immediately comes to
mind would be external DNS structures that may or may not change. Likewise,
depending on the location your time servers may also require some tweaking
- depending on the distance. If this is a short move then theres probably
little to worry about
From what you describe I think you could
actually save money by purchasing Trend Micro NeatSuite or the SMB product
as a package with Control Manager and save some money in the long run.
I haven't seen much in the past 30-60 days myself and am in a similar situation
sizewise: 8 servers, 5 peo
Heres a generic link directly to the
cisco forums - where I can actually answer questions instead of just lurking
- lol.
Enjoy!
http://forum.cisco.com/
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain pri
I love it when its so simple its difficult...
Thanks!
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain privileged and/or confidential information intended
for the named recipient of this email. ETSI (Employee Tec
Cannot find my notes on this one.
What is the command line to restart
DNS services without rebooting the DC?
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain privileged and/or confidential information intended
www.dnsstuff.com
Probably more information than you'd
ever want but a good site nonetheless.
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain privileged and/or confidential information intended
for the named r
If you can setup your firewall to do
reverse IP most if not all of this would go away. For example on Cisco
your firewall should be configured as:
ip verify reverse-path interface outside
Where 'outside' is whatever you refer
to the outside facing interface. It could called anything that
The .WMF has now been picked up by atleast
one of the lesser banner ad companies using revolving or rotating ads and
is now spreading quite quickly. The last F-Secure reports were 57 varieties
and counting.
Happy New Year!
Brent Eads aka >beads
Employee Technology Soluti
Tom;
Two things. First, if your network team
is specifically blocking all ICMP traffic its just not going to get there
regardless if its on VLAN or straight LAN traffic. You might suggest that
they allow ECHO ICMP instead of just blocking all ICMP. Second, to really
test where the blockage
Forward recursion. You shouldn't have
to allow forward recursions from outside your internal network(s) to foriegn
domains. If someone has an answer for this I would be very much pleased.
Its also a difficult way to do DNS poisoning. Difficult but not impossible.
Brent Eads
Employee Te
Are all your LDAP ports open, both ways?
Reason I ask is that I had a problem with negotiating some LDAP ports with
2k3 earlier in the week. Generally, you need the following open in a mixed
environment:
I think this list will cover just about
everything:
Client port
Heres a link to the official Cisco certification
forums:
http://forum.cisco.com/eforum/servlet/NetProf?page=Career_Certifications_discussion
Brent Eads
Employee Technology Solutions, Inc.
The contents contain privileged and/or confidential information intended
for the named reci
I know of off the shelf solutions that
do peeks and pokes to report the BIOS information but no idea how to intergrate
them through scripting but WMI is definitely your best approach. Is there
something in more particular you are looking for like port 1900 (USB broadcast)?
That might help mak
Joe;
I have one printer attached as a resource
off one server and one attached to a PC as a print resource. Now, everything
prints fine with one caveate - niether is listed in AD. Normally, not a
real problem but the second printer is also a fax/scanner and needs to
have connectivity throughout t
Having trouble publishing printers.
When I go to the Wizard at the root the process asks me for the pre-2000
UNC which is normal but cannot continue the operation from either print
server saying that I need to go to the printer folder, which for all accounts
does not exist. Have I missed something
To get all the information you should
be using a spanning (not spamming) port. That will show you all the information
going through the switch, not just what ethereal can collect. If there
is no spanning port you may want to break into the switch and tell it to
send all traffic to your port as wel
Went through the same thing but only
with laptops, desktops had no problem. Go figure. Check to make sure that
you have connections available to the client machine and/or log off but
leave the machine able to log on. Try doing the remote install that way.
The other way is to use the GPO script opt
Assuming that there is no static(s),
ACL, NAT or PAT issues with a firewall or router IOS keeping IP traffic
from flowing over what I am guessing to be port 80 traffic. ICMP (ping)
means little in the way of connectivity. Just means that a form of traffic
can reach the destination host. Have you d
44 matches
Mail list logo